New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Bug 1788583: Node resolver: support IPv6 service IPs #151
Conversation
This is a quick fix to support IPv6 service IPs when processing services for /etc/hosts on the node. If a service exists but no A record is found, check for an AAAA record, and if found, use that instead. The assumption is that no A record will exist in the IPv6 environment, which seems to hold for now. This should enable the container runtime to resolve internal image registry names for image pulls.
seems OK to me |
In a followup sometime during the release it might be nice to port this function into a subcommand of the Go binary, it's beyond hairy at this point. |
Result on a node:
|
@@ -90,10 +90,16 @@ spec: | |||
declare -A svc_ips | |||
for svc in "${services[@]}"; do | |||
# Fetch service IP from cluster dns if present | |||
ips=($(dig @"${NAMESERVER}" +short "${svc}.${CLUSTER_DOMAIN}")) | |||
ips=($(dig -t A @"${NAMESERVER}" +short "${svc}.${CLUSTER_DOMAIN}")) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
How about dig "@$NAMESERVER" +short A "${svc}.${CLUSTER_DOMAIN}" AAAA "${svc}.${CLUSTER_DOMAIN}"
?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Although that prints an extra line: ";; Warning, extra type option", which we would need to ignore (or maybe we shouldn't ignore it...).
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This should avoid the warning: dig "@$NAMESERVER" +short "${svc}.${CLUSTER_DOMAIN}" AAAA "${svc}.${CLUSTER_DOMAIN}"
.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Refactor the whole thing to Go in a followup?
/lgtm |
/retest Please review the full test history for this PR and help us cut down flakes. |
14 similar comments
/retest Please review the full test history for this PR and help us cut down flakes. |
/retest Please review the full test history for this PR and help us cut down flakes. |
/retest Please review the full test history for this PR and help us cut down flakes. |
/retest Please review the full test history for this PR and help us cut down flakes. |
/retest Please review the full test history for this PR and help us cut down flakes. |
/retest Please review the full test history for this PR and help us cut down flakes. |
/retest Please review the full test history for this PR and help us cut down flakes. |
/retest Please review the full test history for this PR and help us cut down flakes. |
/retest Please review the full test history for this PR and help us cut down flakes. |
/retest Please review the full test history for this PR and help us cut down flakes. |
/retest Please review the full test history for this PR and help us cut down flakes. |
/retest Please review the full test history for this PR and help us cut down flakes. |
/retest Please review the full test history for this PR and help us cut down flakes. |
/retest Please review the full test history for this PR and help us cut down flakes. |
/retest Please review the full test history for this PR and help us cut down flakes. |
3 similar comments
/retest Please review the full test history for this PR and help us cut down flakes. |
/retest Please review the full test history for this PR and help us cut down flakes. |
/retest Please review the full test history for this PR and help us cut down flakes. |
I think something's up with the patch on AWS — seeing this in the node resolver container logs:
(That's the entirety of the logs.) |
That suggests that Another possibility is that something else is writing to Edit: My last paragraph doesn't make sense. Substitute |
Now I think we might be experiencing collateral damage from other CI issues. Need to go over the latest build cop communications, etc. |
https://search.svc.ci.openshift.org/?search=failed.*58+characters&maxAge=24h&context=2&type=all I don't think this patch is the cause of the aws-e2e failures. |
/lgtm |
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: ironcladlou, Miciah The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
/retest Please review the full test history for this PR and help us cut down flakes. |
1 similar comment
/retest Please review the full test history for this PR and help us cut down flakes. |
/cherry-pick release-4.3 @ironcladlou FYI |
@russellb: new pull request created: #152 In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
@ironcladlou: Bugzilla bug 1788583 is in an unrecognized state (MODIFIED) and will not be moved to the MODIFIED state. In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
This is a quick fix to support IPv6 service IPs when processing services
for /etc/hosts on the node. If a service exists but no A record is found,
check for an AAAA record, and if found, use that instead.
The assumption is that no A record will exist in the IPv6 environment,
which seems to hold for now.
This should enable the container runtime to resolve internal image
registry names for image pulls.